Information Security Manager
Payactiv SDS-IT
Total years of experience :4 years, 1 Months
• Develop and implement governance frameworks, including ISO27001, SOC2, and PCI DSS, covering various aspects such as Enterprise Risk Management, Compliance, and Document/Record Management.
• Provide assistance to the Manager & CISO in order to elevate the effectiveness of Governance, risk management, and Compliance Management Systems.
• Continuously monitor, measure, analyze, and enhance the performance of departmental activities and projects related to GRC.
• Assist the sales department in addressing security-related inquiries in RFI/RFPs.
• Address challenges, develop strategic roadmaps, and deliver sustainable solutions to improve GRC processes and systems.
• Monitored, reported, and remediated internal and external issues related to ISMS, implementing corrective action plans.
• Initiate regular reviews and assessments as part of the continuous improvement cycle for all departmental projects and processes.
• Collaborate with relevant entities to improve the efficiency and effectiveness of Governance.
• Participated in change management sessions during sprint deployment.
• Maintain documentation for Business Continuity Plans.
• Oversee the Top Corporate Risks Program, working closely with initiative sponsors and owners to identify, assess, and execute risk-related initiatives effectively.
• Updated risk assessment register annually or with major changes.
• Support information security awareness training efforts within the company.
• Defined, reviewed, and edited information security policies based on compliance standards and conditions.
• Generated and managed internal audit reports, facilitating process improvements in collaboration with stakeholders.
• Possess knowledge about Data Privacy regulations such as GDPR and CCPA.
• Creation of pertinent Key Performance Indicators (KPIs) for Governance, Risk, and Compliance (GRC) and the establishment of reporting protocols.
URL removed due to policy violation. Please contact support for further information.